I have an Android app with C code that uses the link (2) system call to create a hard link to an existing file. When I run the application on Android 5.0.2, this part of the application works. When I run the same application on an Android-M device, the link () system call returns -1 "permission denied."
I notice in my journal receiving such messages:
09-02 17:10:34.222 5291 5291 W ona.crackerjack: type=1400 audit(0.0:59): avc: denied { link } for name="fixed28" dev="mmcblk0p28" ino=82829 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=lnk_file permissive=0
This message appears next to the log message of my application, in which the link () returned -1 "permission allowed", sometimes earlier, sometimes later.
Does it create a hard link that is considered unsafe? I notice "scontext = u: r: untrusted_app". Is there a way to make the application trusted, and if so, will the link () system call be allowed to work?
source share